To access Slack from Russia, you will need a VPN.
Open source · Easy start · Custom rules · Community support

Anomaly detection and incident response for containers

Runtime Radar is an open source solution for security monitoring and incident response in containerized environments.

Infrastructure and security teams can’t always take vulnerable services out of production until issues are fixed.
A large number of unused services and legacy containers from past experiments complicate infrastructure monitoring.

Unlike image scanning or CI/CD checks, runtime threats surface in real time:
containers suddenly start miners.
processes gain excessive privileges.
unexpected network traffic appears inside a pod.

Most solutions are complex and expensive. We make protection accessible through open source and straightforward tools.

What do you get from working with Runtime Radar?

Monitoring setup

Easy configuration of ready-made container monitoring policies. Filter only the events you need.

Centralized management

A single control point for all containers across your infrastructure. Multi-cluster deployments are supported.

Integrations

Send security events via Syslog, SMTP, or webhooks — only what’s needed, with flexible Go template-based messages.

Investigations

Analyze incidents directly in the UI with built-in tools: filters, navigation between parent and child process contexts, and threat indicators.

Flexible rules

Write your own anomaly detection signatures in Golang* using the provided SDK.
* SDK support for Python and other languages is planned.

What you can detect from day one

Runtime monitoring containers

Integration of container runtime monitoring into SOC: configuration of real-time threat detection and sending alerts to SIEM.

Response automation

Automation of security incident response in containers: launch of automation workflow via webhook integration for interaction with the cluster.

Multicluster environment coverage

Multi-cluster environment coverage: rapid deployment of runtime monitoring across the entire infrastructure from a single point.

Our engine is built on eBPF and the open source Tetragon sensor

All requests between microservices go through a reverse proxy.
Cluster Manager: lets you connect clusters into a single console.
Notifier: forwards threat data to your SOC (SIEM and log management: Loki, Elastic Stack, OpenSearch) and ChatOps (Telegram, Slack).
Runtime Monitor: flexibly configures Tetragon and collects events from containers and the kernel.
Event Processor: a high-performance anomaly analysis engine on Wasm.
UI: shows threats detected in real time.
Centralized user management for all instances.

Install via Helm or Docker

Try Runtime Radar tools to protect your container environments

Open issues
Create feature requests
Test and write bug reports
Share your cases